Getting to know Windows Intune part 2

In part one I gave a brief overview the Updates features of Windows Intune and of what Intune does as a whole and why infrastructure free management is cool. Now we’ll skim through the other features…

Lets take a look: Malware protection

To understand how malware protection works I infected my own machine. Not with anything scary but with the eicar test virus, always a handy call. When I say I infected it I don’t really mean that, what I actually did is started to download it and within a second – before the bits had started to land on my PC the anti-virus engine, which is based on Forefront so you know it’s enterprise class spotted it and let me know – as the user. It took less than 5 minutes for the console to flag the hit and only a couple of seconds more for the alert email to hit my inbox (see part six for this über admin feature).

On the console I could see that I had malware to follow up, which computer had taken the hit and what it had done to stop it. Another neato feature is that Intune makes it really easy to findout about the malware from the Microsoft Malware Protection Center.

Firewall management comes in the form of policies to manage Windows Firewall delivering the ability to control connections that can be made and blocked to the PC and even to control what the user is shown when the firewall stops a program from accessing the network. Further more it’s possible to control the firewall exceptions for specific applications letting you stop any computers in a group with Virtual PC installed allowing access to your network, for example.

Knowing which computers have had an infection is really handy so you can know which ones to go fix and how much better is it knowing before the user calls you…you could call them…that would be good service wouldn’t it?

Lets take a look: Firewall

This ability to go down to detail on the firewall is great, but the fact that it uses Windows Firewall reduces the footprint that you need to manage on a client. Policies can be combined, applied to groups and again a computer can be a member of more than one group. That gives you very nice control of the Windows firewall. There’s not much more to say about this really…it’s a critically important security mechanism and handled simply.

Lets take a look: Remote Assistance

Remote assistance is one of the most important offerings of Windows Intune offering simple, easy to use, request based remote control to help your users through their darkest hour. They deleted the pictures of their kids and they don’t know what the recycle bin is. And it’s 2 in the morning. And you’re on call. Familiar? Surely not.

Firing off a remote assistance request sends an alert to the console, and if you have alerting setup for it, off to your email inbox. With that you can view and take control of your users desktop to sort out their emergency. What makes this nice is that the console gives you a one stop shop to resolve the query.

Under the hood we use a great component called Easy Assist to establish the connection and you know you’re getting quality kit here because it’s part of our Live Meeting product and Microsoft uses it too. That’s provenance for you.

One question I’ve already been asked about this is why can’t I just take control of the users PC without them having to start things off. The obvious answer is security. Giving the user control of the request allows them to make sure they don’t have something confidential on screen when the administrator takes control or sees the screen. It’s better for your users. All they need do is open the Windows Intune Center on their PC and select the link to start request remote assistance, they can cancel it if they fix their problem too. You’ll get an email as the administrator if you’ve setup the alerts too.

Lets take a look: Software Inventory, Licensing and Reporting

Want to know what’s been installed well Software Inventory is where you’re headed and the inventory is pretty comprehensive. What’s great is that it there’s a “category” grouping so you can easily sort the inventory by that column and see what different types of security software are installed. From there it’s a single click to see which computers it’s installed on. There’s a great video on the Intune blog that gives you a 2 minute intro to the feature.

Software Licensing is a way to have Windows Intune automagically compare your estate to your license files like you’d get if you have an EA.

Reports is the place to go to find out what’s really going on though license wise. From here you can generate a report that allows you to understand exactly what software is deployed and if you’ve got licenses entered it will show your license status. All isn’t lost though if you don’t have an EA and this is were someone could add amazing value with this tool..the reports can be exported to CSV and with a little tinkering you could create an Excel file that cross references your licenses. Value add, right there.

Lets take a look: Alerting

It’s better when you get alerted to something as it happens before your user calls you and complains. Intune does this for you. This is an excerpt form the email I got when I infected my PC with EICAR, it took about 5 minutes for me to get the mail in total.

This gives me all the info I need to know what’s happening, it got followed up with a “follow-up” actions email and a resolved email. Alerts are managed through the Administration panel and they exist for all sorts of things, even corrupt file systems and repetitive crashes of Office 2003. The alert types are predefined but you can enable and disable them and you can specify the recipients who need to know about stuff. Requests for remote assistance come in the same way.

The end…but wait there’s more

That’s a very brief, 2 post overview of Intune. There’s more too it, but it doesn’t get much more complex than this, and the simplicity is why I really like this product. You’ll be up and running with it in hours, not days. I’ve got some more posts on this in the pipeline but here are the top resources for the beta right now:

Right now you should apply to join the beta – but remember we want people to try this out, we only have 10,000 places available and they’re filling up fast, but we want people with at least 5 computers to deploy to. You should also check out the official Windows Intune blog too for more.

Would there be a issue if client use a proxy to go out to the internet? The reason I ask is that from within InTune when I sent out requets for example an Malware update or scan. It sits there being queued.